Scan filesystem trivy
Scan the current directory for vulnerabilities
trivy fs .
more trivy
all 15 commands →
Scan Kubernetes cluster
trivy k8s --report summary cluster
Scan with SARIF output
trivy image --format sarif --output results.sarif myimage:tag
Scan config files
trivy config .
Filter by severity
trivy image --severity HIGH,CRITICAL myimage:tag
Ignore unfixed vulns
trivy image --ignore-unfixed myimage:tag